From 93f9123f451d7efbe2bbcc70bca11f89704d5ef2 Mon Sep 17 00:00:00 2001
From: ethicalhack3r <ryandewhurst@gmail.com>
Date: Tue, 15 Nov 2016 20:17:09 +0100
Subject: [PATCH] Document missing options

---
 README.md                   | 10 ++++++++--
 lib/wpscan/wpscan_helper.rb | 10 ++++++++--
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 80cc5cea..0182b92c 100644
--- a/README.md
+++ b/README.md
@@ -231,11 +231,16 @@ Published on https://hub.docker.com/r/wpscanteam/wpscan/
                                         You do not need to provide the regexp delimiters, but you must write the quotes (simple or double).
     --config-file  | -c <config file>   Use the specified config file, see the example.conf.json.
     --user-agent   | -a <User-Agent>    Use the specified User-Agent.
-    --cookie <String>                   String to read cookies from.
+    --cookie <string>                   String to read cookies from.
     --random-agent | -r                 Use a random User-Agent.
     --follow-redirection                If the target url has a redirection, it will be followed without asking if you wanted to do so or not
     --batch                             Never ask for user input, use the default behaviour.
     --no-color                          Do not use colors in the output.
+    --log                               Creates a log.txt file with WPScan's output.
+    --no-banner                         Prevents the WPScan banner from being displayed.
+    --disable-accept-header             Prevents WPScan sending the Accept HTTP header.
+    --disable-referer                   Prevents setting the Referer header.
+    --disable-tls-checks                Disables SSL/TLS certificate verification.
     --wp-content-dir <wp content dir>   WPScan try to find the content directory (ie wp-content) by scanning the index page, however you can specify it.
                                         Subdirectories are allowed.
     --wp-plugins-dir <wp plugins dir>   Same thing than --wp-content-dir but for the plugins directory.
@@ -247,10 +252,11 @@ Published on https://hub.docker.com/r/wpscanteam/wpscan/
     --wordlist | -w <wordlist>          Supply a wordlist for the password brute forcer.
     --username | -U <username>          Only brute force the supplied username.
     --usernames     <path-to-file>      Only brute force the usernames from the file.
-    --threads  | -t <number of threads> The number of threads to use when multi-threading requests.
+    --cache-dir       <cache-directory> Set the cache directory.
     --cache-ttl       <cache-ttl>       Typhoeus cache TTL.
     --request-timeout <request-timeout> Request Timeout.
     --connect-timeout <connect-timeout> Connect Timeout.
+    --threads  | -t <number of threads> The number of threads to use when multi-threading requests.
     --max-threads     <max-threads>     Maximum Threads.
     --throttle        <milliseconds>    Milliseconds to wait before doing another web request. If used, the --threads should be set to 1.
     --help     | -h                     This help screen.
diff --git a/lib/wpscan/wpscan_helper.rb b/lib/wpscan/wpscan_helper.rb
index 2005dd45..74bb1309 100644
--- a/lib/wpscan/wpscan_helper.rb
+++ b/lib/wpscan/wpscan_helper.rb
@@ -84,11 +84,16 @@ def help
   puts '                                    You do not need to provide the regexp delimiters, but you must write the quotes (simple or double).'
   puts '--config-file  | -c <config file>   Use the specified config file, see the example.conf.json.'
   puts '--user-agent   | -a <User-Agent>    Use the specified User-Agent.'
-  puts '--cookie <String>                   String to read cookies from.'
+  puts '--cookie <string>                   String to read cookies from.'
   puts '--random-agent | -r                 Use a random User-Agent.'
   puts '--follow-redirection                If the target url has a redirection, it will be followed without asking if you wanted to do so or not'
   puts '--batch                             Never ask for user input, use the default behaviour.'
   puts '--no-color                          Do not use colors in the output.'
+  puts '--log                               Creates a log.txt file with WPScan\'s output.'
+  puts '--no-banner                         Prevents the WPScan banner from being displayed.'
+  puts '--disable-accept-header             Prevents WPScan sending the Accept HTTP header.'
+  puts '--disable-referer                   Prevents setting the Referer header.'
+  puts '--disable-tls-checks                Disables SSL/TLS certificate verification.'
   puts '--wp-content-dir <wp content dir>   WPScan try to find the content directory (ie wp-content) by scanning the index page, however you can specify it.'
   puts '                                    Subdirectories are allowed.'
   puts '--wp-plugins-dir <wp plugins dir>   Same thing than --wp-content-dir but for the plugins directory.'
@@ -100,10 +105,11 @@ def help
   puts '--wordlist | -w <wordlist>          Supply a wordlist for the password brute forcer.'
   puts '--username | -U <username>          Only brute force the supplied username.'
   puts '--usernames     <path-to-file>      Only brute force the usernames from the file.'
-  puts '--threads  | -t <number of threads> The number of threads to use when multi-threading requests.'
+  puts '--cache-dir       <cache-directory> Set the cache directory.'
   puts '--cache-ttl       <cache-ttl>       Typhoeus cache TTL.'
   puts '--request-timeout <request-timeout> Request Timeout.'
   puts '--connect-timeout <connect-timeout> Connect Timeout.'
+  puts '--threads  | -t <number of threads> The number of threads to use when multi-threading requests.'
   puts '--max-threads     <max-threads>     Maximum Threads.'
   puts '--throttle        <milliseconds>    Milliseconds to wait before doing another web request. If used, the --threads should be set to 1.'
   puts '--help     | -h                     This help screen.'